Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server
Paul Johnson
pauljohn32 at gmail.com
Sat Jun 17 02:18:06 UTC 2006
Watching this thread go bye, I was wondering about the more
fundamental question.
Does your LDAP server give the POSIX user information that the linux
system requires for login? We have one of those Iplanet servers and
user accounts do not have that information by default and the
administrators act like their asses are starting on fire when we ask
them to put in those user attributes.
The symptom of the problem is that logins fail, but ldapsearch does
turn up user information.
pj
On 6/16/06, Gordon Messmer <yinyang at eburg.com> wrote:
> ay0my wrote:
> > I tried your suggestion the results looks OK.
> >
> > [root at sspxz100 ~]# id s39427
> > uid=111(s39427) gid=14(sysadmin) groups=14(sysadmin)
> > [root at sspxz100 ~]# ls -l ~s39427
> > total 0
>
> Good, then NSS is set up right, and you just need to look at PAM.
>
> > I saw the following error in /var/log/secure when the "permission denied" error is encountered.
> >
> > Jun 15 17:19:38 sspxz100 sshd[13765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ci-nb39427-6.sf.sp.edu.sg user=s39427
>
> So... what does /etc/pam.d/system-auth look like? Specifically, what do
> the lines that begin with "auth" look like?
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
--
Paul E. Johnson
Professor, Political Science
1541 Lilac Lane, Room 504
University of Kansas
More information about the fedora-list
mailing list